Book Image

VMware vSphere 5.x Datacenter Design Cookbook

By : Hersey Cartwright
Book Image

VMware vSphere 5.x Datacenter Design Cookbook

By: Hersey Cartwright

Overview of this book

Table of Contents (19 chapters)
VMware vSphere 5.x Datacenter Design Cookbook
About the Author
About the Reviewers

Securing the management components

Securing the management components is critical. If the vCenter Server is compromised, a great deal of damage can be done, from powering off virtual machines to completely deleting virtual machines from disks.

We will not dive deep into the configuration of security, instead we will just take a look at some of the key best practices that should be considered when designing the management layer.

How to do it…

There are a number of security practices that can be implemented to harden the management environment as follows:

  • Place the vCenter Server and other management components on a separate physical network or Virtual Local Area Network (VLAN). Providing a network separation of the management components from production networks used by virtual machines makes it easier to configure firewall access to the management components.

  • Use VUM to apply critical security patches to hosts. ESXi already has a very small attack service, but critical security patches are released...